https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r2: Changed Environment object to be BugTrack ($env --> $bugsys).. hopefully this...
[bugdar.git] / login.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # [#]app[#] [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 require_once('./global.php');
14
15 // ###################################################################
16
17 if ($bugsys->userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin')
18 {
19 echo 'You are already logged in.';
20 exit;
21 }
22
23 // ###################################################################
24
25 if (empty($_REQUEST['do']))
26 {
27 echo <<<EOF
28 <form action="login.php" name="register" method="post">
29 <input type="hidden" name="do" value="login" />
30 <input type="hidden" name="goindex" value="1" />
31 Email: <input type="text" name="email" size="30" /><br />
32 Password: <input type="password" name="password" size="30" /><br />
33 Remember Me: <input type="checkbox" name="rememberme" value="1" checked="checked" /> Yes<br />
34 <input type="submit" name="submit" value="Login" accesskey="s" /> <input type="reset" name="reset" value="Reset" accesskey="r" />
35 </form>
36 EOF;
37 }
38
39 // ###################################################################
40
41 if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin')
42 {
43 sanitize(array('email' => STR_NOHTML, 'password' => STR, 'rememberme' => INT));
44
45 if ($_POST['cplogin'])
46 {
47 $vars['rememberme'] = 1;
48 }
49
50 if ($_POST['goindex'])
51 {
52 $_SERVER['HTTP_REFERER'] = '';
53 }
54
55 if ($_SERVER['HTTP_REFERER'])
56 {
57 $url = $_SERVER['HTTP_REFERER'];
58 }
59 else
60 {
61 $url = 'index.php';
62 }
63
64 $userinfo = $DB_sql->query_first("SELECT * FROM user WHERE email = '" . addslasheslike($vars['email']) . "'");
65 if (md5(md5($vars['password']) . md5($userinfo['salt'])) == $userinfo['password'])
66 {
67 mysetcookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $vars['rememberme']);
68 mysetcookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $vars['rememberme']);
69 }
70 else
71 {
72 mysetcookie(COOKIE_PREFIX . 'userid');
73 mysetcookie(COOKIE_PREFIX . 'authkey');
74 echo 'Invalid email or password.';
75 exit;
76 }
77
78 if ($_POST['do'] == 'cplogin')
79 {
80 mysetcookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid'])));
81 }
82
83 echo 'You are now logged in :-)';
84
85 header("Location: $url");
86 }
87
88 // ###################################################################
89
90 if ($_REQUEST['do'] == 'logout')
91 {
92 if ($bugsys->userinfo['userid'])
93 {
94 mysetcookie(COOKIE_PREFIX . 'userid');
95 mysetcookie(COOKIE_PREFIX . 'authkey');
96 }
97 else
98 {
99 echo 'You need to be logged in!';
100 }
101 }
102
103 /*=====================================================================*\
104 || ###################################################################
105 || # $HeadURL$
106 || # $Id$
107 || ###################################################################
108 \*=====================================================================*/
109 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.